Set peer CRT length only after successful allocation

commit: accc5998ae38eab3458af9d446359e4c95f0bf8a [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Mon Feb 25 10:06:59 2019 +0000
committer: Hanno Becker <hanno.becker@arm.com> Tue Feb 26 14:38:09 2019 +0000
tree: 4d1e1c58cc34e6c64b8819366e4ce64f89db9de3
parent: 3acc9b90421b796b2aafac79bdd0113646686bde [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 9eaee9d..82ba623 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -309,15 +309,15 @@
 #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
     if( src->peer_cert_digest != NULL )
     {
-        dst->peer_cert_digest_len = src->peer_cert_digest_len;
         dst->peer_cert_digest =
-            mbedtls_calloc( 1, dst->peer_cert_digest_len );
+            mbedtls_calloc( 1, src->peer_cert_digest_len );
         if( dst->peer_cert_digest == NULL )
             return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
 
         memcpy( dst->peer_cert_digest, src->peer_cert_digest,
                 src->peer_cert_digest_len );
         dst->peer_cert_digest_type = src->peer_cert_digest_type;
+        dst->peer_cert_digest_len = src->peer_cert_digest_len;
     }
 #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
commit	accc5998ae38eab3458af9d446359e4c95f0bf8a	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Mon Feb 25 10:06:59 2019 +0000
committer	Hanno Becker <hanno.becker@arm.com>	Tue Feb 26 14:38:09 2019 +0000
tree	4d1e1c58cc34e6c64b8819366e4ce64f89db9de3
parent	3acc9b90421b796b2aafac79bdd0113646686bde [diff] [blame]